2009 Security Report

Symantec's MessageLabs Intelligence 2009 Annual Security Report offers some very interesting information about the past year and assumptions about the near future of malware and other security threats. Here are a few teasers that should encourage you to read the entire report:

3.2.4. Command and Control: Mysterious Messages and Covert Channels
In the 12 months since the McColo ISP was taken offline, the Trojan technology behind botnet-oriented malware has improved, with more rootkit-type kernel drivers becoming the norm. A rootkit is a set of software tools or services that enable an attacker to hide the fact that a computer has been compromised.

The command and control (C&C) mechanisms have also evolved, making it harder to disrupt a botnet, shifting more towards HTTP and away from IRC (Internet Relay Chat). With increased use of “bullet-proof” or fast-flux based domain name services, more command and control channels will be reliant on HTTP as the protocol of choice.

…. more….

As we move into 2010, it is expected that botnets will become more autonomous or artificially intelligent, perhaps even exhibiting the characteristics of swarm intelligence, where each compromised computer will have built-in self-sufficient coding in order to coordinate and extend its own survival. This will mean the botnet controllers will have more time to focus on driving the bots' use in spamming and other criminal activities, rather than dedicate resources to extending the lifecycle of the botnet.

and …

4.8. Malware Predictions for 2010

  • 4.8.1. Increasingly Specialized Malware in 2010
  • 4.8.2. Antivirus is Not Enough
  • 4.8.3. Social Engineering as the Primary Attack Vector
  • 4.8.4. Rogue Security Software Vendors Escalate Their Efforts
  • 4.8.5. Social Networking Third-Party Applications Will be the Target of Fraud
  • 4.8.6. Fast Flux Botnets Increase

and …

[small excerpt from 7. Conclusions]
Malware and spam in 2009 relied more on the use of the Web than in previous years, as attacks swung more towards social networking environments, micro-blogging websites and shortened-URLs, compromised websites and account profiles created using CAPTCHA-breaking technology were all being used to host spam or malicious content. The use of such in spam campaigns and malware attacks has been one aspect of this, and the pattern is expected to continue in 2010 as email will continue to be the primary social engineering tool for these attacks, and especially for targeted malware attacks.
